…or at least, it should be
A recent PCI compliance report from Verizon contains some interesting findings.
It starts off with what seems like good news: compliance rates between audits are increasing, with an 80% increase in the number of companies being validated as PCI-DSS compliant at their interim assessments. However, 80% of companies … [Read more...]

The IT security news over the past year or so has been really bad. Sometimes it seemed that each day brought the story of yet another breach, every one bigger than the one before. According to a recent report, more than one billion records were exposed over more than 1,500 individual incidents.
It can be difficult to explain how this can happen. … [Read more...]

IT security and compliance are at the top of everyone's agenda right now, and for good reason. The news over the past year seemed to be all about companies being breached in every industry.
These are hardly new problems, and any responsible company has been investing in IT security and compliance for a long time. The problem is that the … [Read more...]

Adopting new technologies and integrating them with its product offerings is almost an obsession at Morningstar, Inc. However, Andrew Watts, Morningstar’s IT director, makes it clear that Morningstar isn’t interested in technology for technology’s sake. Before embracing any new technology, IT always asks two questions:
What will this new … [Read more...]

The first rule of cloud security is, you do not talk about cloud security issues.
No, wait, that's not right - everybody talks about cloud security risks and issues. Gartner just ran a survey on the factors preventing adoption of the cloud, and more than 50% of respondents cited security and privacy.
The problem is that much of that talk … [Read more...]

Eight years of superb compliance. Cost savings of several hundred thousand in seven months for one automation project alone. Those are major accomplishments to brag about. But Chris Blanks, Top Technical Automation Specialist at Transamerica Life Insurance Company, part of the international Aegon Group, is more interested in uncovering new ways to … [Read more...]

This last week brought major changes in the business cost of poorly automated IT security. A US federal judge ruled that banks can sue Target to recover damages because poor security played a “key role” in allowing its systems to be compromised.
Banks now have the ability to go after merchants that have been hacked. From here it is a short step … [Read more...]